Questions & Answers PDF Page 1 


ECCouncil 


312-85 Exam 
Certified Threat Intelligence Analyst 


CERTKILLERS






Version: 4.0 


Question: 1 


Daniel is a professional hacker whose aim is to attack a system to steal data and money for profit. He 
performs hacking to obtain confidential data such as social security numbers, personally identifiable 
information (PII) of an employee, and credit card information. After obtaining confidential data, he 
further sells the information on the black market to make money. 

Daniel comes under which of the following types of threat actor?


A. Industrial spies
B. State-sponsored hackers
C. Insider threat
D. Organized hackers


Answer: D 


Question: 2 


An attacker instructs bots to use a camouflage mechanism to hide his phishing and malware delivery
locations in the rapidly changing network of compromised bots. In this particular technique, a single
domain name consists of multiple IP addresses.

Which of the following techniques is used by the attacker?


A. DNS zone transfer 
B. Dynamic DNS 
C. DNS interrogation 
D. Fast-Flux DNS 


Answer: D 


Question: 3 


Kathy wants to ensure that she shares threat intelligence containing sensitive information with the 
appropriate audience. Hence, she used traffic light protocol (TLP). 

Which TLP color would signify that information should be shared only within a particular
community?


A. Red
B. White
C. Green
D. Amber


Answer: D


Question: 4 


Moses, a threat intelligence analyst at InfoTec Inc., wants to find crucial information about the 
potential threats the organization is facing by using advanced Google search operators. He wants to 
identify whether any fake websites are hosted at URLs similar to the organization’s URL.

Which of the following Google search queries should Moses use? 


A. related: www.infothech.org
B. info: www.infothech.org
C. link: www.infothech.org
D. cache: www.infothech.org


Answer: A 


Question: 5 


A team of threat intelligence analysts is performing threat analysis on malware, and each of them 
has come up with their own theory and evidence to support their theory on a given malware. 

Now, to identify the most consistent theory out of all the theories, which of the following analytic
processes must the threat intelligence manager use?


A. Threat modelling
B. Application decomposition and analysis (ADA)
C. Analysis of competing hypotheses (ACH)
D. Automated technical analysis


Answer: C 